View Issue Details

IDProjectCategoryView StatusLast Update
0007832Kali LinuxKali Package Bugpublic2022-08-19 10:59
Reportersumit1101 Assigned Tog0tmi1k  
PrioritynormalSeveritymajorReproducibilityalways
Status closedResolutionno change required 
Product Version2022.2 
Summary0007832: msfconsole Bug, Metasploit bug issue
Description

Metasploit tip: You can pivot connections over sessions
started with the ssh_login modules

msf6 > search exploit/multi/handler

Matching Modules

Name Disclosure Date Rank Check Description


0 exploit/linux/local/apt_package_manager_persistence 1999-03-09 excellent No APT Package Manager Persistence
1 auxiliary/scanner/http/apache_mod_cgi_bash_env 2014-09-24 normal Yes Apache mod_cgi Bash Environment Variable Injection (Shellshock) Scanner
2 exploit/linux/local/bash_profile_persistence 1989-06-08 normal No Bash Profile Persistence
3 exploit/linux/local/desktop_privilege_escalation 2014-08-07 excellent Yes Desktop Linux Password Stealer and Privilege Escalation
4 exploit/multi/handler manual No Generic Payload Handler
5 exploit/windows/mssql/mssql_linkcrawler 2000-01-01 great No Microsoft SQL Server Database Link Crawling Command Execution
6 exploit/windows/browser/persits_xupload_traversal 2009-09-29 excellent No Persits XUpload ActiveX MakeHttpRequest Directory Traversal
7 exploit/linux/local/yum_package_manager_persistence 2003-12-17 excellent No Yum Package Manager Persistence

Interact with a module by name or index. For example info 7, use 7 or use exploit/linux/local/yum_package_manager_persistence

msf6 > use 4
[*] Using configured payload generic/shell_reverse_tcp
msf6 exploit(multi/handler) > set payload android/multi/handler
[-] The value specified for payload is not valid.
msf6 exploit(multi/handler) > set payload android/meterpreter/reverse_tcp
payload => android/meterpreter/reverse_tcp
msf6 exploit(multi/handler) > set lhost 172.28.83.28
lhost => 172.28.83.28
msf6 exploit(multi/handler) > set lport 3390
lport => 3390
msf6 exploit(multi/handler) > options

Module options (exploit/multi/handler):

Name Current Setting Required Description


Payload options (android/meterpreter/reverse_tcp):

Name Current Setting Required Description


LHOST 172.28.83.28 yes The listen address (an interface may be specified)
LPORT 3390 yes The listen port

Exploit target:

Id Name


0 Wildcard Target

msf6 exploit(multi/handler) > run

[-] Handler failed to bind to 172.28.83.28:3390:- -
[-] Handler failed to bind to 0.0.0.0:3390:- -
[-] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:3390).
[*] Exploit completed, but no session was created.
msf6 exploit(multi/handler) >

Steps To Reproduce

Metasploit tip: You can pivot connections over sessions
started with the ssh_login modules

msf6 > search exploit/multi/handler

Matching Modules

Name Disclosure Date Rank Check Description


0 exploit/linux/local/apt_package_manager_persistence 1999-03-09 excellent No APT Package Manager Persistence
1 auxiliary/scanner/http/apache_mod_cgi_bash_env 2014-09-24 normal Yes Apache mod_cgi Bash Environment Variable Injection (Shellshock) Scanner
2 exploit/linux/local/bash_profile_persistence 1989-06-08 normal No Bash Profile Persistence
3 exploit/linux/local/desktop_privilege_escalation 2014-08-07 excellent Yes Desktop Linux Password Stealer and Privilege Escalation
4 exploit/multi/handler manual No Generic Payload Handler
5 exploit/windows/mssql/mssql_linkcrawler 2000-01-01 great No Microsoft SQL Server Database Link Crawling Command Execution
6 exploit/windows/browser/persits_xupload_traversal 2009-09-29 excellent No Persits XUpload ActiveX MakeHttpRequest Directory Traversal
7 exploit/linux/local/yum_package_manager_persistence 2003-12-17 excellent No Yum Package Manager Persistence

Interact with a module by name or index. For example info 7, use 7 or use exploit/linux/local/yum_package_manager_persistence

msf6 > use 4
[*] Using configured payload generic/shell_reverse_tcp
msf6 exploit(multi/handler) > set payload android/multi/handler
[-] The value specified for payload is not valid.
msf6 exploit(multi/handler) > set payload android/meterpreter/reverse_tcp
payload => android/meterpreter/reverse_tcp
msf6 exploit(multi/handler) > set lhost 172.28.83.28
lhost => 172.28.83.28
msf6 exploit(multi/handler) > set lport 3390
lport => 3390
msf6 exploit(multi/handler) > options

Module options (exploit/multi/handler):

Name Current Setting Required Description


Payload options (android/meterpreter/reverse_tcp):

Name Current Setting Required Description


LHOST 172.28.83.28 yes The listen address (an interface may be specified)
LPORT 3390 yes The listen port

Exploit target:

Id Name


0 Wildcard Target

msf6 exploit(multi/handler) > run

[-] Handler failed to bind to 172.28.83.28:3390:- -
[-] Handler failed to bind to 0.0.0.0:3390:- -
[-] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:3390).
[*] Exploit completed, but no session was created.
msf6 exploit(multi/handler) >

Additional Information

Metasploit tip: You can pivot connections over sessions
started with the ssh_login modules

msf6 > search exploit/multi/handler

Matching Modules

Name Disclosure Date Rank Check Description


0 exploit/linux/local/apt_package_manager_persistence 1999-03-09 excellent No APT Package Manager Persistence
1 auxiliary/scanner/http/apache_mod_cgi_bash_env 2014-09-24 normal Yes Apache mod_cgi Bash Environment Variable Injection (Shellshock) Scanner
2 exploit/linux/local/bash_profile_persistence 1989-06-08 normal No Bash Profile Persistence
3 exploit/linux/local/desktop_privilege_escalation 2014-08-07 excellent Yes Desktop Linux Password Stealer and Privilege Escalation
4 exploit/multi/handler manual No Generic Payload Handler
5 exploit/windows/mssql/mssql_linkcrawler 2000-01-01 great No Microsoft SQL Server Database Link Crawling Command Execution
6 exploit/windows/browser/persits_xupload_traversal 2009-09-29 excellent No Persits XUpload ActiveX MakeHttpRequest Directory Traversal
7 exploit/linux/local/yum_package_manager_persistence 2003-12-17 excellent No Yum Package Manager Persistence

Interact with a module by name or index. For example info 7, use 7 or use exploit/linux/local/yum_package_manager_persistence

msf6 > use 4
[*] Using configured payload generic/shell_reverse_tcp
msf6 exploit(multi/handler) > set payload android/multi/handler
[-] The value specified for payload is not valid.
msf6 exploit(multi/handler) > set payload android/meterpreter/reverse_tcp
payload => android/meterpreter/reverse_tcp
msf6 exploit(multi/handler) > set lhost 172.28.83.28
lhost => 172.28.83.28
msf6 exploit(multi/handler) > set lport 3390
lport => 3390
msf6 exploit(multi/handler) > options

Module options (exploit/multi/handler):

Name Current Setting Required Description


Payload options (android/meterpreter/reverse_tcp):

Name Current Setting Required Description


LHOST 172.28.83.28 yes The listen address (an interface may be specified)
LPORT 3390 yes The listen port

Exploit target:

Id Name


0 Wildcard Target

msf6 exploit(multi/handler) > run

[-] Handler failed to bind to 172.28.83.28:3390:- -
[-] Handler failed to bind to 0.0.0.0:3390:- -
[-] Exploit failed [bad-config]: Rex::BindFailed The address is already in use or unavailable: (0.0.0.0:3390).
[*] Exploit completed, but no session was created.
msf6 exploit(multi/handler) >

Relationships

has duplicate 0007831 closedarnaudr msfconsole Bug, Metasploit bug issue 

Activities

arnaudr

arnaudr

2022-08-03 15:23

manager   ~0016486

If you're connected over rdp, it's likely port 3390 is already in use and that's why it can't bind to it

g0tmi1k

g0tmi1k

2022-08-19 10:59

administrator   ~0016605

This isn't a bug in the software or package.
This error is because you already have something listenning on that port (maybe even inside of msf).

You need to stop the service thats using that port, or switch to a different one.

May want to look into background tasks

Issue History

Date Modified Username Field Change
2022-08-02 13:38 sumit1101 New Issue
2022-08-02 13:48 arnaudr Relationship added has duplicate 0007831
2022-08-03 15:23 arnaudr Note Added: 0016486
2022-08-19 10:59 g0tmi1k Assigned To => g0tmi1k
2022-08-19 10:59 g0tmi1k Status new => closed
2022-08-19 10:59 g0tmi1k Resolution open => no change required
2022-08-19 10:59 g0tmi1k Note Added: 0016605